EUVD-2016-4173

Malware in sbrugna...

EulerOS 2.0 SP5 : krb5 (EulerOS-SA-2019-2532)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an olde...

MGASA-2019-0028 Updated krb5 packages fix security vulnerability

An authenticated user who can obtain a TGT using an older encryption type DES, DES3, or RC4 can cause an assertion failure in the KDC by sending an S4U2Self request CVE-2018-20217...

Updated krb5 packages fix security vulnerability

An authenticated user who can obtain a TGT using an older encryption type DES, DES3, or RC4 can cause an assertion failure in the KDC by sending an S4U2Self request CVE-2018-20217...

Null pointer dereference

The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service NU...

CVE-2016-3120

A NULL pointer dereference flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to dereference a null pointer and crash by making an S4U2Self request, if the restrictanonymoustotgt option was set to true...